Honeypot Recon: New Variant of SkidMap Targeting Redis

Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of the Honeypot. The trap caught an activity about which the Western world does not hear too often while analyzing SkidMap. More importantly, this variant turned out to be a new, improved, dangerous variation of the malware. Its level of sophistication surprised us quite a bit.

Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)

A wise person once said that you should use the lookup command before you go threat hunting. Or, as I hear it in my head, “Look it up before you go-go…hunting”, a la WHAM! In this must-read tutorial for hunting in Splunk, we’re looking at the lookup command, including what it does and how and where to use it for threat hunting. Let’s get started! (This article is part of our Threat Hunting with Splunk series. We’ve updated it recently to maximize your value.)

5 ways to prevent phishing from ruining your summer vacation

During the summer months, when employees and customers are away on vacation, things usually slow down for businesses. But for cybercriminals, the opposite is true because they are busy taking advantage of minimal staffing levels in companies during the vacation period to launch complex attacks. The U.S. Federal Cybersecurity and Infrastructure Security Agency (CISA) warns that the risk of being hit by a cyberattack rises over the holidays, and summer vacation-themed phishing attacks gain momentum.

TrustCloud & VanRein Compliance Partner to Make Compliance Accessible and Affordable

TrustCloud is thrilled to announce a partnership with VanRein Compliance, a leading managed compliance provider that builds and manages clients’ compliance programs via audits, custom policies and procedures, online training, and more. TrustCloud and VanRein Compliance both share a mission – to make compliance accessible and affordable for all.

Server Security: What it is and How to Implement It

Your business runs on servers. Without your DNS server, your users wouldn’t be able to connect to online resources. Without your proxy servers, your local networks would be visible across the public internet. Without your database servers, your organization wouldn’t be able to execute the queries that enable it to make data-driven decisions. Since servers are critical to business operations, threat actors value them.

SafeBreach and Recorded Future: Operationalizing Threat Intelligence with Breach and Attack Simulation

Modern enterprises have adopted more offensive measures to protect their organizations from evolving cyber threats. As a result, many security teams are looking to breach and attack simulation (BAS) and threat intelligence (TI) tools to enhance their programs and work more efficiently.

What is the SSL Not Available Risk?

So you've received a critical risk finding for SSL not available, which means your domain does not have an SSL certificate installed on the server. To resolve this finding, you can generate and supply an up-to-date SSL/TLS certificate on your site. SSL, which stands for secure sockets layer, and its successor TLS, or transport layer security, are internet protocols for securing traffic between systems with an encryption algorithm.

MDR firm saves $100K per year with LimaCharlie

Recon Infosec is a growing managed security services provider run by a team of seasoned cybersecurity experts. After switching from their custom-engineered security stack to the LimaCharlie SecOps Cloud Platform, they achieved an annual cost savings of $100,000, improved their mean detection and response times by 98%, and laid the groundwork for scalable, long-term growth.